"""
This module inherits from class BaseController and provides 
an easy way to authenticate a user using username and password. 
Every class using this need's to have a 'requires_auth = True' 
statement right after the class signature.  
"""

"""
    This file is part of project webCA

    webCA is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    webCA is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with webCA. If not, see <http://www.gnu.org/licenses/>.
"""

import logging

from pylons import request, response, session, tmpl_context as c
from pylons.controllers.util import abort, redirect_to

from webca.lib.base import BaseController, render

log = logging.getLogger(__name__)

# needed to access app_globals.py
from pylons import config 

class LoginController(BaseController):
   def index(self):
       """Show login form. Submits to /login/submit
       """
       # set title and page name 
       c.title = 'Admin Login'
       c.page_name = 'Admin Login'
       
       return render('login.mako')

   def submit(self):
       """Verify username and password
       """
       c.title = 'Admin Login'
       c.page_name = 'Admin Login'
       
       # reading from username and password field
       form_username = str(request.params.get('username'))
       form_password = str(request.params.get('password'))
       
       # if the the provided information matches the defined one, pass...
       if config['ca_admin_user'] == form_username and config['ca_admin_pass'] == form_password:
           # ...and mark the user as logged on
           session['user'] = form_username
           session.save()    

           # then send user back to the page he originally wanted to get to
           if session.get('path_before_login'):
               redirect_to(session['path_before_login'])
           else: # if the previous target is unknown just send the user to a welcome page
               return render('boot_strap.mako')
       # else the provided information did not match, throw an error message
       else:
           if config['ca_debug']: print 'could not auth username:', form_username, ' with password:', form_password
           c.stderr_value = 'Wrong username or password!'
           
           return render('login.mako')

   def logout(self):
       """Logout the user, delete the session and display a confirmation message
       """
       # set title and page name 
       c.title = 'Admin Login'
       c.page_name = 'Admin Login'
       
       # is user really logged in?
       if 'user' in session:
           # okay,  let's delete the session
           del session['user']
           session.save()
           # give some feedback to the admin
           c.stderr_value = 'You have successfully been logged out'
        
       return render('login.mako')

